Skip to main content

Unzipper

2 CVEs product

Monthly

CVE-2018-1002203 npm MEDIUM POC PATCH THREAT This Month

unzipper npm library before 0.8.13 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Path Traversal Node.js Unzipper
NVD GitHub
CVSS 3.0
5.5
EPSS
11.9%
CVE-2014-1975 MEDIUM This Month

Directory traversal vulnerability in the R-Company Unzipper application 1.0.1 and earlier for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal Google Unzipper
NVD VulDB
CVSS 2.0
5.8
EPSS
0.3%
EPSS 12% CVSS 5.5
MEDIUM POC PATCH THREAT This Month

unzipper npm library before 0.8.13 is vulnerable to directory traversal, allowing attackers to write to arbitrary files via a ../ (dot dot slash) in a Zip archive entry that is mishandled during. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. Public exploit code available.

Path Traversal Node.js Unzipper
NVD GitHub
EPSS 0% CVSS 5.8
MEDIUM This Month

Directory traversal vulnerability in the R-Company Unzipper application 1.0.1 and earlier for Android allows remote attackers to overwrite or create arbitrary files via a crafted filename. Rated medium severity (CVSS 5.8), this vulnerability is remotely exploitable. No vendor patch available.

Path Traversal Google Unzipper
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy